1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
moby--moby/integration-cli/docker_cli_pull_test.go
Sebastiaan van Stijn f4bf61c79d Merge pull request #33005 from alfred-landrum/denied-error
Suggest login on pull denial
2017-06-13 01:51:18 +02:00

284 lines
11 KiB
Go

package main
import (
"fmt"
"regexp"
"strings"
"sync"
"time"
"github.com/docker/docker/integration-cli/checker"
"github.com/go-check/check"
"github.com/opencontainers/go-digest"
)
// TestPullFromCentralRegistry pulls an image from the central registry and verifies that the client
// prints all expected output.
func (s *DockerHubPullSuite) TestPullFromCentralRegistry(c *check.C) {
testRequires(c, DaemonIsLinux)
out := s.Cmd(c, "pull", "hello-world")
defer deleteImages("hello-world")
c.Assert(out, checker.Contains, "Using default tag: latest", check.Commentf("expected the 'latest' tag to be automatically assumed"))
c.Assert(out, checker.Contains, "Pulling from library/hello-world", check.Commentf("expected the 'library/' prefix to be automatically assumed"))
c.Assert(out, checker.Contains, "Downloaded newer image for hello-world:latest")
matches := regexp.MustCompile(`Digest: (.+)\n`).FindAllStringSubmatch(out, -1)
c.Assert(len(matches), checker.Equals, 1, check.Commentf("expected exactly one image digest in the output"))
c.Assert(len(matches[0]), checker.Equals, 2, check.Commentf("unexpected number of submatches for the digest"))
_, err := digest.Parse(matches[0][1])
c.Check(err, checker.IsNil, check.Commentf("invalid digest %q in output", matches[0][1]))
// We should have a single entry in images.
img := strings.TrimSpace(s.Cmd(c, "images"))
splitImg := strings.Split(img, "\n")
c.Assert(splitImg, checker.HasLen, 2)
c.Assert(splitImg[1], checker.Matches, `hello-world\s+latest.*?`, check.Commentf("invalid output for `docker images` (expected image and tag name"))
}
// TestPullNonExistingImage pulls non-existing images from the central registry, with different
// combinations of implicit tag and library prefix.
func (s *DockerHubPullSuite) TestPullNonExistingImage(c *check.C) {
testRequires(c, DaemonIsLinux)
type entry struct {
repo string
alias string
tag string
}
entries := []entry{
{"asdfasdf", "asdfasdf", "foobar"},
{"asdfasdf", "library/asdfasdf", "foobar"},
{"asdfasdf", "asdfasdf", ""},
{"asdfasdf", "asdfasdf", "latest"},
{"asdfasdf", "library/asdfasdf", ""},
{"asdfasdf", "library/asdfasdf", "latest"},
}
// The option field indicates "-a" or not.
type record struct {
e entry
option string
out string
err error
}
// Execute 'docker pull' in parallel, pass results (out, err) and
// necessary information ("-a" or not, and the image name) to channel.
var group sync.WaitGroup
recordChan := make(chan record, len(entries)*2)
for _, e := range entries {
group.Add(1)
go func(e entry) {
defer group.Done()
repoName := e.alias
if e.tag != "" {
repoName += ":" + e.tag
}
out, err := s.CmdWithError("pull", repoName)
recordChan <- record{e, "", out, err}
}(e)
if e.tag == "" {
// pull -a on a nonexistent registry should fall back as well
group.Add(1)
go func(e entry) {
defer group.Done()
out, err := s.CmdWithError("pull", "-a", e.alias)
recordChan <- record{e, "-a", out, err}
}(e)
}
}
// Wait for completion
group.Wait()
close(recordChan)
// Process the results (out, err).
for record := range recordChan {
if len(record.option) == 0 {
c.Assert(record.err, checker.NotNil, check.Commentf("expected non-zero exit status when pulling non-existing image: %s", record.out))
c.Assert(record.out, checker.Contains, fmt.Sprintf("pull access denied for %s, repository does not exist or may require 'docker login'", record.e.repo), check.Commentf("expected image not found error messages"))
} else {
// pull -a on a nonexistent registry should fall back as well
c.Assert(record.err, checker.NotNil, check.Commentf("expected non-zero exit status when pulling non-existing image: %s", record.out))
c.Assert(record.out, checker.Contains, fmt.Sprintf("pull access denied for %s, repository does not exist or may require 'docker login'", record.e.repo), check.Commentf("expected image not found error messages"))
c.Assert(record.out, checker.Not(checker.Contains), "unauthorized", check.Commentf(`message should not contain "unauthorized"`))
}
}
}
// TestPullFromCentralRegistryImplicitRefParts pulls an image from the central registry and verifies
// that pulling the same image with different combinations of implicit elements of the image
// reference (tag, repository, central registry url, ...) doesn't trigger a new pull nor leads to
// multiple images.
func (s *DockerHubPullSuite) TestPullFromCentralRegistryImplicitRefParts(c *check.C) {
testRequires(c, DaemonIsLinux)
// Pull hello-world from v2
pullFromV2 := func(ref string) (int, string) {
out := s.Cmd(c, "pull", "hello-world")
v1Retries := 0
for strings.Contains(out, "this image was pulled from a legacy registry") {
// Some network errors may cause fallbacks to the v1
// protocol, which would violate the test's assumption
// that it will get the same images. To make the test
// more robust against these network glitches, allow a
// few retries if we end up with a v1 pull.
if v1Retries > 2 {
c.Fatalf("too many v1 fallback incidents when pulling %s", ref)
}
s.Cmd(c, "rmi", ref)
out = s.Cmd(c, "pull", ref)
v1Retries++
}
return v1Retries, out
}
pullFromV2("hello-world")
defer deleteImages("hello-world")
s.Cmd(c, "tag", "hello-world", "hello-world-backup")
for _, ref := range []string{
"hello-world",
"hello-world:latest",
"library/hello-world",
"library/hello-world:latest",
"docker.io/library/hello-world",
"index.docker.io/library/hello-world",
} {
var out string
for {
var v1Retries int
v1Retries, out = pullFromV2(ref)
// Keep repeating the test case until we don't hit a v1
// fallback case. We won't get the right "Image is up
// to date" message if the local image was replaced
// with one pulled from v1.
if v1Retries == 0 {
break
}
s.Cmd(c, "rmi", ref)
s.Cmd(c, "tag", "hello-world-backup", "hello-world")
}
c.Assert(out, checker.Contains, "Image is up to date for hello-world:latest")
}
s.Cmd(c, "rmi", "hello-world-backup")
// We should have a single entry in images.
img := strings.TrimSpace(s.Cmd(c, "images"))
splitImg := strings.Split(img, "\n")
c.Assert(splitImg, checker.HasLen, 2)
c.Assert(splitImg[1], checker.Matches, `hello-world\s+latest.*?`, check.Commentf("invalid output for `docker images` (expected image and tag name"))
}
// TestPullScratchNotAllowed verifies that pulling 'scratch' is rejected.
func (s *DockerHubPullSuite) TestPullScratchNotAllowed(c *check.C) {
testRequires(c, DaemonIsLinux)
out, err := s.CmdWithError("pull", "scratch")
c.Assert(err, checker.NotNil, check.Commentf("expected pull of scratch to fail"))
c.Assert(out, checker.Contains, "'scratch' is a reserved name")
c.Assert(out, checker.Not(checker.Contains), "Pulling repository scratch")
}
// TestPullAllTagsFromCentralRegistry pulls using `all-tags` for a given image and verifies that it
// results in more images than a naked pull.
func (s *DockerHubPullSuite) TestPullAllTagsFromCentralRegistry(c *check.C) {
testRequires(c, DaemonIsLinux)
s.Cmd(c, "pull", "busybox")
outImageCmd := s.Cmd(c, "images", "busybox")
splitOutImageCmd := strings.Split(strings.TrimSpace(outImageCmd), "\n")
c.Assert(splitOutImageCmd, checker.HasLen, 2)
s.Cmd(c, "pull", "--all-tags=true", "busybox")
outImageAllTagCmd := s.Cmd(c, "images", "busybox")
linesCount := strings.Count(outImageAllTagCmd, "\n")
c.Assert(linesCount, checker.GreaterThan, 2, check.Commentf("pulling all tags should provide more than two images, got %s", outImageAllTagCmd))
// Verify that the line for 'busybox:latest' is left unchanged.
var latestLine string
for _, line := range strings.Split(outImageAllTagCmd, "\n") {
if strings.HasPrefix(line, "busybox") && strings.Contains(line, "latest") {
latestLine = line
break
}
}
c.Assert(latestLine, checker.Not(checker.Equals), "", check.Commentf("no entry for busybox:latest found after pulling all tags"))
splitLatest := strings.Fields(latestLine)
splitCurrent := strings.Fields(splitOutImageCmd[1])
// Clear relative creation times, since these can easily change between
// two invocations of "docker images". Without this, the test can fail
// like this:
// ... obtained []string = []string{"busybox", "latest", "d9551b4026f0", "27", "minutes", "ago", "1.113", "MB"}
// ... expected []string = []string{"busybox", "latest", "d9551b4026f0", "26", "minutes", "ago", "1.113", "MB"}
splitLatest[3] = ""
splitLatest[4] = ""
splitLatest[5] = ""
splitCurrent[3] = ""
splitCurrent[4] = ""
splitCurrent[5] = ""
c.Assert(splitLatest, checker.DeepEquals, splitCurrent, check.Commentf("busybox:latest was changed after pulling all tags"))
}
// TestPullClientDisconnect kills the client during a pull operation and verifies that the operation
// gets cancelled.
//
// Ref: docker/docker#15589
func (s *DockerHubPullSuite) TestPullClientDisconnect(c *check.C) {
testRequires(c, DaemonIsLinux)
repoName := "hello-world:latest"
pullCmd := s.MakeCmd("pull", repoName)
stdout, err := pullCmd.StdoutPipe()
c.Assert(err, checker.IsNil)
err = pullCmd.Start()
c.Assert(err, checker.IsNil)
// Cancel as soon as we get some output.
buf := make([]byte, 10)
_, err = stdout.Read(buf)
c.Assert(err, checker.IsNil)
err = pullCmd.Process.Kill()
c.Assert(err, checker.IsNil)
time.Sleep(2 * time.Second)
_, err = s.CmdWithError("inspect", repoName)
c.Assert(err, checker.NotNil, check.Commentf("image was pulled after client disconnected"))
}
func (s *DockerRegistryAuthHtpasswdSuite) TestPullNoCredentialsNotFound(c *check.C) {
// @TODO TestPullNoCredentialsNotFound expects docker to fall back to a v1 registry, so has to be updated for v17.12, when v1 registries are no longer supported
s.d.StartWithBusybox(c, "--disable-legacy-registry=false")
// we don't care about the actual image, we just want to see image not found
// because that means v2 call returned 401 and we fell back to v1 which usually
// gives a 404 (in this case the test registry doesn't handle v1 at all)
out, err := s.d.Cmd("pull", privateRegistryURL+"/busybox")
c.Assert(err, check.NotNil, check.Commentf(out))
c.Assert(out, checker.Contains, "Error: image busybox:latest not found")
}
// Regression test for https://github.com/docker/docker/issues/26429
func (s *DockerSuite) TestPullLinuxImageFailsOnWindows(c *check.C) {
testRequires(c, DaemonIsWindows, Network)
_, _, err := dockerCmdWithError("pull", "ubuntu")
c.Assert(err.Error(), checker.Contains, "cannot be used on this platform")
}
// Regression test for https://github.com/docker/docker/issues/28892
func (s *DockerSuite) TestPullWindowsImageFailsOnLinux(c *check.C) {
testRequires(c, DaemonIsLinux, Network)
_, _, err := dockerCmdWithError("pull", "microsoft/nanoserver")
c.Assert(err.Error(), checker.Contains, "cannot be used on this platform")
}